ModSecurity

: Hosting Definitions; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Join us

ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its overall performance and in case it discovers an intrusion attempt, it prevents it. The firewall also keeps a more detailed log for the traffic than any server does, so you'll be able to keep track of what is happening with your sites much better than if you rely merely on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it identifies whether someone is attempting to log in to the administrator area of a given script several times or if a request is sent to execute a file with a certain command. In such instances these attempts trigger the corresponding rules and the firewall blocks the attempts instantly, and then records comprehensive info about them inside its logs. ModSecurity is one of the most effective software firewalls on the market and it can protect your web applications against many threats and vulnerabilities, especially in case you don’t update them or their plugins often.

ModSecurity in Website Hosting

ModSecurity is provided with all website hosting web servers, so if you choose to host your Internet sites with our firm, they'll be protected against a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there will be nothing you will have to do on your end. You shall be able to stop ModSecurity for any website if necessary, or to switch on a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You'll be able to view comprehensive logs from your Hepsia Control Panel including the IP where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. As we take the protection of our customers' sites very seriously, we employ a collection of commercial rules that we get from one of the top firms that maintain this type of rules. Our admins also add custom rules to ensure that your sites will be protected against as many risks as possible.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans which we offer feature ModSecurity and because the firewall is turned on by default, any Internet site that you create under a domain or a subdomain shall be protected immediately. An individual section in the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll permit you to start and stop the firewall for any Internet site or enable a detection mode. With the latter, ModSecurity won't take any action, but it'll still detect possible attacks and shall keep all data inside a log as if it were 100% active. The logs could be found in the same section of the CP and they offer information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules which we employ on our servers are a mix between commercial ones from a security company and custom ones made by our system administrators. As a result, we offer higher security for your web applications as we can shield them from attacks even before security corporations release updates for completely new threats.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are set up with the Hepsia hosting Control Panel, so your web applications shall be protected from the instant your server is in a position. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if necessary, you could disable it with a click of your mouse via the corresponding section of Hepsia. You could also set it to work in detection mode, so it shall keep a detailed log of any potential attacks without taking any action to stop them. The logs are available inside the same section and provide details about the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For optimum security, we use not simply commercial rules from a company working in the field of web security, but also custom ones our administrators add personally in order to respond to new risks that are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain which you create on the web server. In the event that a web application does not work adequately, you may either turn off the firewall or set it to function in passive mode. The second means that ModSecurity will maintain a log of any potential attack which could occur, but won't take any action to stop it. The logs generated in active or passive mode will present you with more details about the exact file that was attacked, the type of the attack and the IP address it came from, and so forth. This info shall allow you to determine what measures you can take to boost the protection of your sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules which we use are updated constantly with a commercial package from a third-party security company we work with, but occasionally our admins include their own rules also in the event that they identify a new potential threat.